我在 EC2 上配置了一个气流网络服务器,它侦听端口 8080.
I have an airflow web server configured at EC2, it listens at port 8080.
我在 EC2 前面有一个 AWS ALB(应用程序负载均衡器),监听 https 80(面向互联网),实例目标端口面向 http 8080.
I have an AWS ALB(application load balancer) in front of the EC2, listen at https 80 (facing internet) and instance target port is facing http 8080.
我无法浏览 <气流链接 > 来自浏览器,因为气流网络服务器将我重定向到 http ://<气流链接 >/admin,ALB 不监听.
I cannot surf < airflow link > from browser because the airflow web server redirects me to http : //< airflow link >/admin, which the ALB does not listen at.
如果我上网 <气流链接 >/admin/airflow/login?next=%2Fadmin%2F 来自浏览器,然后我看到登录页面,因为此链接不会重定向我.
If I surf < airflow link > /admin/airflow/login?next=%2Fadmin%2F from browser, then I see the login page because this link does not redirect me.
我的问题是如何改变气流,以便在浏览 <气流链接 > ,气流网络服务器会将我重定向到 https:...,而不是 .....以便 AWS ALB 可以处理请求.
My question is how to change airflow so that when surfing < airflow link > , airflow web server will redirect me to https:..., not ..... so that AWS ALB can process the request.
我尝试将airflow.cfg 的base_url 从localhost:8080 更改为localhost:8080,根据下面的答案,但我看不出我的变化有什么不同......
I tried to change base_url of airflow.cfg from localhost:8080 to localhost:8080, according to the below answer, but I do not see any difference with my change....
反正怎么访问<气流链接 > 来自 ALB?
Anyway, how to access < airflow link > from ALB?
推荐答案我终于自己找到了解决方案.
Finally I found a solution myself.
我在ALB和airflow web服务器之间引入了一个nginx反向代理:即.https 请求 ->ALB:443 ->nginx 代理:80 ->Web 服务器:8080.我通过添加 http 标头X-Forwarded-Proto https"让 nginx 代理告诉气流 Web 服务器原始请求是 https 而不是 http.
I introduced a nginx reverse proxy between ALB and airflow web server: ie. https request ->ALB:443 ->nginx proxy: 80 ->web server:8080. I make the nginx proxy tell the airflow web server that the original request is https not http by adding a http header "X-Forwarded-Proto https".
nginx 服务器与 Web 服务器位于同一位置.我将它的配置设置为/etc/nginx/sites-enabled/vhost1.conf (见下文).此外,我删除了/etc/nginx/sites-enabled/default 配置文件.
The nginx server is co-located with the web server. and I set the config of it as /etc/nginx/sites-enabled/vhost1.conf (see below). Besides, I deletes the /etc/nginx/sites-enabled/default config file.
server { listen 80; server_name <domain>; index index.html index.htm; location / { proxy_pass_header Authorization; proxy_pass localhost:8080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_http_version 1.1; proxy_redirect off; proxy_set_header Connection ""; proxy_buffering off; client_max_body_size 0; proxy_read_timeout 36000s; } }更多推荐
无法通过 AWS 负载均衡器 HTTPS 访问气流 Web 服务器,因为气流将我重定向到 HTTP
发布评论